Securing IIS

[RobbertF]

Hi:

Recently i got hacked by a worm called code-red. Looking for a howto secure IIS i found a web page that claims its product stops this attacks (bufer overflow), known and unkown. Since i installed it some other worms have hit my server but no more succcessfully hacks. Has anyone tested it in a hard way?

My 30 day trial is finishing, deserves its price? it is lot lower than other products like eeyes one.

NGSecureWeb:

http://www.ngsec.com/ngproducts/ngsw/

 

[lck092580]

I'm not sure about this product but what we're running @ the office seems to do the trick.

-ISA server
-Patched up IIS. MS has patched up the whole.
-norton antivirus <-- updates everyweek

What I did extra was to use host headers for all the sites i'm hosting. THe reason for this is because the code red worm u're talking about crawls around looking for ips. If you use host headers for all ur sites, when the worm tries ur ip, it won't get a response since u need to connect via hostheader.

Hope this helps. Good luck.

T

 

[StellaIndigo]

Securing an IIS server is a multi part process including service packing and hot fixing the OS and IIS server, setting correct access rights, closing unused ports, setting up a firewall, adding virus scanners, and creating review/monitoring policies and procedures etc. (the list goes on)

I'd suggest looking at Microsoft's security site

http://www.microsoft.com/security/

and looking at

http://www.security-focus.com

http://www.sans.org

http://www.cert.org

http://www.securetips.com

Microsoft provide a &quot;prescriptive guidance&quot; document for securing win2k (if that's what you are using).